Best way of synchronizing configs for multiple relay servers?

classic Classic list List threaded Threaded
7 messages Options
K F
Reply | Threaded
Open this post in threaded view
|

Best way of synchronizing configs for multiple relay servers?

K F
Hi all

I'm contemplating on how I best keep all our relay servers synchronized in their config.
They are set up as round robin servers in the DNS, so they distribute the load pretty ok.
My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.
Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.

I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.

Are there any nice ready made systems for this?
I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.

Best regards
Kenneth
Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

Patrick Ben Koetter-2
* K F <[hidden email]>:
> Hi all
> I'm contemplating on how I best keep all our relay servers synchronized in their config.They are set up as round robin servers in the DNS, so they distribute the load pretty ok.My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> Are there any nice ready made systems for this?I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.

Choose your weapons:

- Makefile
- Configuration Management System
- Containers and CI

p@rick

--
[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
 
K F
Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

K F
Not sure I understand the suggestions fully.
The configuration management systems I've found for postfix, are all concentrated on a single postfix system?
Containers? Like in Docker? Why? I have the servers set up already?
Not sure what the Makefile should do in the configuration context.

It's probably just me being narrowminded, so please elaborate so that I might get enlightened :-)

Den onsdag den 7. november 2018 12.02.32 CET skrev Patrick Ben Koetter <[hidden email]>:


* K F <[hidden email]>:

> Hi all
> I'm contemplating on how I best keep all our relay servers synchronized in their config.They are set up as round robin servers in the DNS, so they distribute the load pretty ok.My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> Are there any nice ready made systems for this?I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.


Choose your weapons:

- Makefile
- Configuration Management System
- Containers and CI

[hidden email]

--
[*] sys4 AG

https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein


Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

Wietse Venema
In reply to this post by Patrick Ben Koetter-2
Patrick Ben Koetter:

> * K F <[hidden email]>:
> > Hi all
> > I'm contemplating on how I best keep all our relay servers synchronized in their config.They are set up as round robin servers in the DNS, so they distribute the load pretty ok.My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> > I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> > Are there any nice ready made systems for this?I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.
>
> Choose your weapons:
>
> - Makefile
> - Configuration Management System

For a list, see https://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software

        Wietse

> - Containers and CI
Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

Patrick Ben Koetter-2
In reply to this post by K F
* K F <[hidden email]>:
>  Not sure I understand the suggestions fully.The configuration management systems I've found for postfix, are all concentrated on a single postfix system?Containers? Like in Docker? Why? I have the servers set up already?Not sure what the Makefile should do in the configuration context.
> It's probably just me being narrowminded, so please elaborate so that I might get enlightened :-)

Create your maps with a Makefile and let the script SCP things, for example.


>
>     Den onsdag den 7. november 2018 12.02.32 CET skrev Patrick Ben Koetter <[hidden email]>:  
>  
>  * K F <[hidden email]>:
> > Hi all
> > I'm contemplating on how I best keep all our relay servers synchronized in their config.They are set up as round robin servers in the DNS, so they distribute the load pretty ok.My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> > I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> > Are there any nice ready made systems for this?I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.
>
> Choose your weapons:
>
> - Makefile
> - Configuration Management System
> - Containers and CI
>
> p@rick
>
> --
> [*] sys4 AG
>  
> https://sys4.de, +49 (89) 30 90 46 64
> Schleißheimer Straße 26/MG,80333 München
>  
> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> Aufsichtsratsvorsitzender: Florian Kirstein
>  
>  

--
[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
 
Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

Stefan Bauer-2
In reply to this post by K F
i have similar case and set the first relayseever inmy pool as the one on which changes ar eonly allowed. then i do scp + service restart to the others with bash oneliner on demand.

for the future i plan to check in config from any host to central svn/git repo and check frequently for changes from all nodes.

svn/git repo can also be a public one for redundancy reasons (github...) if content is not sensitive.

Am Mittwoch, 7. November 2018 schrieb K F :

> Hi all
> I'm contemplating on how I best keep all our relay servers synchronized in their config.
> They are set up as round robin servers in the DNS, so they distribute the load pretty ok.
> My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.
> Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> Are there any nice ready made systems for this?
> I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.
> Best regards
> Kenneth
>
K F
Reply | Threaded
Open this post in threaded view
|

Re: Best way of synchronizing configs for multiple relay servers?

K F
In reply to this post by Wietse Venema
Thanks Wietse, looks very interesting. I'll dig into those.

Den onsdag den 7. november 2018 13.23.27 CET skrev Wietse Venema <[hidden email]>:


Patrick Ben Koetter:

> * K F <[hidden email]>:
> > Hi all
> > I'm contemplating on how I best keep all our relay servers synchronized in their config.They are set up as round robin servers in the DNS, so they distribute the load pretty ok.My first idea was to set up some rsync to copy the relevant directories like /etc/postfix and /etc/opendkim.Then I need a local script on each server looking for changes, and if there is, it should restart the postfix service.
> > I could also just mount the folders to a specific server, but then I introduce a SPOF, which is not what I would like, and I still need something on each server to restart the postfix service if any changes are detected.
> > Are there any nice ready made systems for this?I don't have any mailboxes on the servers, as they are only relays from our internal systems, so there is no need for a big system that tries to synchronize those as well.
>
> Choose your weapons:
>
> - Makefile
> - Configuration Management System

For a list, see https://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software

    Wietse


> - Containers and CI